QwikSec

Security Database

CVE

CWE

Training

CVE-2015-2747

Published: Mar 26, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

Multiple cross-site scripting (XSS) vulnerabilities in the data loss prevention (DLP) incident Forensics Preview in Websense Triton 7.8.3 and V-Series 7.7 appliances allow remote attackers to inject arbitrary web script or HTML via a crafted (1) email or (2) HTTP request, which triggers a DLP Policy.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.securify.nl/advisory/SFY20140904/websense_data_security_dlp_incident_forensics_preview_is_vulnerable_to_cross_site_scripting.html

x_refsource_MISC

20150318 Websense Data Security DLP incident Forensics Preview is vulnerable to Cross-Site Scripting

mailing-list

x_refsource_FULLDISC

20150318 Websense Data Security DLP incident Forensics Preview is vulnerable to Cross-Site Scripting

mailing-list

x_refsource_BUGTRAQ

http://packetstormsecurity.com/files/130897/Websense-Data-Security-DLP-Incident-Forensics-Preview-XSS.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.